package cage

import (
	"fmt"

	"kernel.org/pub/linux/libs/security/libcap/cap"
)

// setIDWithCaps uses the cap.SetUID and cap.SetGroups functions.
func SetIDsWithCaps(setUID, setGID int, gids []int) error {
	if err := cap.SetGroups(setGID, gids...); err != nil {
		return fmt.Errorf("group setting failed: %w", err)
	}

	if err := cap.SetUID(setUID); err != nil {
		return fmt.Errorf("user setting failed: %w", err)
	}

	return nil
}

